<?php
	function queryDatabase($_servername, $_username, $_pw, $_dbname, $_query)
	{
		// Connect to database
		if ( !$link = mysql_connect($_servername, $_username, $_pw))
		{
			throw new Exception('Error connecting to database (' . mysqli_connect_errno() . ').');
		}
		$query_error = null;
		mysql_select_db( $_dbname );
		$result = mysql_query( $_query );
		if ( !$result )
		{
			$query_error = ('Error ('.mysql_error($link).') making query:'.$_query);
		}
		
		if ( $query_error != null )
		{
			throw new Exception($query_error);
		}
		
		if (is_resource($result))
		{
			$rows = array(); //return value, array of rows, db implementation independant
			while ( $row = mysql_fetch_row($result) )
			{
				$rows[] = $row;
			}
			return $rows;
		}
		else
		{
			return $result;
		}
	}
	
	function sanitizeInput($_input)
	{
		return preg_replace("/[^+&\-_|% @a-zA-Z0-9.]/", "", $_input);
	}
?>